Customer onboarding process

2023-01-17 06:47

Before using WorldFirst services to receive money, the Customer needs to open a Receiving Account(RA) with WorldFirst. The process to open a Receiving Account for the Customer is names as the Customer onboarding process.

Workflow

Figure 1. Customer onboarding process

Procedure

The Customer needs to bind the account on the Partner's portal to WorldFirst by making an account binding request.
The Partner processes the request and redirects the Customer to a WorldFirst authorization page.

Note: To generate the URL to the page, refer to the Redirection URLs: Partner > WorldFirst section.

On the authorization page:

The Customer needs to log into WorldFirst portal to proceed.
Customer authorizes WorldFirst on the authorization page.
WorldFirst processes the account binding request and creates a unique Receiving Account for the Customer.

WorldFirst redirects the Customer back to the Partner's portal.

Note: For more details about the redirection URL in this step and learn how to handle the URL, refer to the Redirection URLs: WorldFirst > Partner section.

The Partner needs to call the inquiryAccount API to validate the Receiving Account has been successfully created. WorldFirst returns relevant account information such as the account number, active status, currency, etc.

Redirection URLs: Partner > WorldFirst

Method: Get

Generate a signature

You need to generate a signature before signing a URL.

Generate a signature with the MD5 algorithm using the MD5 Utility.

Construct the content with the following rules:

partnerId=partnerId&extBizPartnerId=extBizPartnerId&redirectUrl=redirectUrl&referenceCustomerId=referenceCustomerId&storeUrl=storeUrl&storeName=storeName&currency=currency&affiliate_id=affiliate_id&requestId=requestId&key=key

Where,

Field	Date type	Required	Description
partnerId	String	Yes	The unique ID that is assigned by WorldFirst to identify an onboard Partner. More information: Maximum length: 64 characters
extBizPartnerId	String	Yes	The unique ID that is assigned by WorldFirst to identify an external Partner that is not onboard with WorldFirst. More information: Maximum length: 64 characters
redirectUrl	String	Yes	Callback URL. For example, `https://{domain_name}.com/app/complete-payment-binding`. Note: Partner needs to encode this URL before transmission. For more details, refer to the Encode the URL step. More information: Maximum length: 512 characters
referenceCustomerId	String	Yes	The unique ID that is assigned by the Partner to identify a Customer. Note: WorldFirst uses this field for idempotence control when Customers apply for Receiving Accounts. More information: Maximum length: 64 characters
storeUrl	String	Yes	URL of the Customer's store on Partner's portal. For example, `https://{domain_name}.com/seller/1/` More information: Maximum length: 256 characters
storeName	String	Yes	The name of the Customer's store that is registered on the Partner's portal. More information: Maximum length: 256 characters
currency	String	Yes	Receiving Account's currency. If multiple currencies exist, use "," to separate the currencies. For example, `USD`. More information: Maximum length: 256 characters
affiliate_id	String	No	The Partner's channel ID to track Customer registration. For example, `aff-id-*****`. More information: Maximum length: 64 characters
requestId	String	Yes	The unique ID that is assigned by the Partner to identify the request. Note: WorldFirst uses this field to perform idempotency control onto Receiving Accounts when the Partner attempts to change the bound Receiving Account. More information: Maximum length: 32 characters
key	String	Yes	Secret key provided by the Partner. For example, `***@*.*`. Note: The Partner needs to exchange this cipher with WorldFirst beforehand by contacting WorldFirst Technical Support.

The very order of the parameters cannot be changed. For example, If the URL has extBizPartnerId in front of partnerId, the redirection URL may fail.

Generate a signature:

copy
echo -n "partnerId=*****&extBizPartnerId=*****&redirectUrl=*****&referenceCustomerId=*****&storeUrl=*****&storeName=*****p&currency=USD&requestId=*****&key=*****@***.***" | md5sum

Generated signature: f4bfcde6a3e9edab347ae849e54*****.

Alternatively, generate a signature with Java:

copy
package com.alipay.iopentools;
import java.math.BigInteger;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
/**
 * MD5 encryption/authentication tool class
 */
public class MD5Utils1 {
    /**
     * String encrypted to MD5 without salt
     *
     * @param plainText Pass in the string to be encrypted
     * @return Generate 32-bit (lowercase letters + numbers) string after MD5 encryption
     */
    public static String MD5Lower(String plainText) {
        try {
            MessageDigest md = MessageDigest.getInstance("MD5");
            md.update(plainText.getBytes());
            return new BigInteger(1, md.digest()).toString(16);
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
            return null;
        }
    }
    /**
     * Test
     *
     * @param args
     */
    public static void main(String[] args) {
        String sign_data = "partnerId=*****&extBizPartnerId=*****&redirectUrl=*****&referenceCustomerId=*****&storeUrl=*****&storeName=*****p&currency=USD&requestId=*****&key=*****@***.***";
        String signature = MD5Lower(sign_data);
        System.out.println(signature);
    }
}

Sign the URL

Construct a signed URL with the following rules:

https://{domain_name}.com/enterprise/auth?partnerId=partnerIdextBizPartnerId=extBizPartnerId&redirectUrl=redirectUrl&referenceCustomerId=referenceCustomerId&storeUrl=storeUrl&storeName=storeName&currency=currency&affiliate_id=affiliate_id&requestId=requestId&signature=signature

Sample content after inserting the signature to the URL:

copy
https://{domain_name}.com/enterprise/auth?partnerId=*****&extBizPartnerId=*****&redirectUrl=*****&referenceCustomerId=*****&storeUrl=*****&storeName=*****&currency=USD&requestId=*****&signature=f4bfcde6a3e9edab347ae849e54*****

Encode the URL

Partner needs to certify the URL is properly encoded before transmission. For more information, refer to the Message encoding chapter.

Redirection URLs: WorldFirst > Partner

After the Customer completes the authorization process and creates Receiving Account on the WorldFirst website, this URL redirects the customer back to the Partner's portal. This URL is not required to be signed.

The URL has the following structure:

https://{domain_name}.com?partnerId=partnerId&extBizPartnerId=extBizPartnerId&referenceCustomerId=referenceCustomerId&resultMsg=resultMsg

Sample URL:

copy
https://{domain_name}.com?partnerId=*****&extBizPartnerId=*****&resultMsg=SUCCESS

Where:

Field	Data type	Required	Description
partnerId	String	Yes	The unique ID that is assigned by WorldFirst to identify a contracted Partner. Maximum length: 64 characters
extBizPartnerId	String	Yes	The unique ID that is assigned by WorldFirst to identify an external Partner that is not onboard with WorldFirst. Maximum length: 64 characters
referenceCustomerId	String	No	The unique ID that is assigned by the Partner to identify a Customer. This parameter is required when the partner redirects to WorldFirst. Maximum length: 64 characters
resultMsg	String	Yes	Messages of the result. `SUCCESS` indicates that OAuth is successful. Other returned value indicates OAuth is not successful. Refer to the Result code section down below for details. Maximum length: 512 characters

The very order of the parameters cannot be changed. For example, If the URL has extBizPartnerId in front of partnerId, the redirection URL may fail.

Result code

`resultMsg`Message	Status	Description	Further Action
SUCCESS	S	Success
PARAM_ILLEGAL	F	Illegal parameter	Retry with the correct parameters.
CURRENCY_ALREADY_EXISTS	F	Currency already exists	Retry with the correct currency.
CURRENCY_OUT_OF_SUPPORTED_RANGE	F	Currency is not supported	Retry with the correct currency.
SYSTEM_BUSY	U	System is busy	Retry later or contact WorldFirst Technical Support.
SIGNATURE_VERIFICATION_FAILED	F	Invalid signature	Check the signature and retry.

Result processing logic

You can test whether the Receiving Account has been successfully created guided by the following criteria:

Merchant successfully gets onboard on the WorldFirst authorization page, creates a shop and Receiving Account. WorldFirst redirects the Merchant back to the Partner's portal. Considering the resultMsg field of this redirection URL:

If resultMsg=SUCCESS, WorldFirst has successfully created a Receiving Account for the Merchant.
If resultMsg=CURRENCY_OUT_OF_SUPPORTED_RANGE, WorldFirst failed to create a Receiving Account for the Merchant since WorldFirst does not support the Receiving Account's currency. The Merchant needs to choose a supported currency for the Receiving Account instead.
If resultMsg=PARAM_ILLEGAL, WorldFirst failed to create a Receiving Account for the Merchant since an illegal parameter is selected. Generate another redirection URL with correct parameters.
If resultMsg=CURRENCY_ALREADY_EXISTS, WorldFirst failed to create a Receiving Account for the Merchant since the currency selected for the Receiving Account already exists.
If resultMsg=SIGNATURE_VERIFICATION_FAILED, WorldFirst failed to create a Receiving Account for the Merchant since the redirection URL failed to pass signature verification process. The Partner needs to regenerate a signature for the URL.

After completing the Customer onboarding process, it is suggested as the best practice for the Partner to call the inquiryAccount API to check whether the Receiving Account has been created.

If the referenceCustomerId field is missing when calling the inquiryAccount API, the API request fails. In the response messages, the resultCode field is PARAM_ILLEGAL.
If the inquiry succeeds

If the Receiving Account has been successfully created, a list of Receiving Accounts is demonstrated in the response message.
If the Receiving Account does not exist, no Receiving Account is returned in the response message.

Subsequently, the Customer can log into the WorldFirst website, and check whether the shop and Receiving Account created is correct.